EasyManua.ls Logo

Check Point QUANTUM SPARK 1570 - Configuring Security Policy; Creating the Security Policy

Check Point QUANTUM SPARK 1570
311 pages
Save Page as PDF
Print Icon
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
Small-Scale Deployment Installation
R81.10.X Quantum Spark 1500, 1600, 1800, 1900, 2000 Appliances Centrally Managed Administration Guide|47
To configure the cluster in SmartConsole:
1. Change the main IP address and the IP addresses that appear in the topology table of
the GW object.
2. Install policy on Cluster.
Important - Downtime ends. At this point, the cluster contains only one member,
GW_2.
3. Go to Cluster Members > Add > Add existing gateway and edit the Cluster object.
4. If GW does not show in the list, press Help and make sure GW does not match any of the
categories that prevent it from being added to a cluster.
Note - Use the information on this Help page to determine if there are any
configuration settings you want to copy to the new Cluster object.
5. Under the new GW object, click Topology > Get Topology to edit the topology of the
Cluster object.
6. Install policy on the cluster object.
Viewing Cluster Status in the WebUI
After you complete policy installation on the Quantum Spark appliance gateway and the
gateway works as a cluster member, you can view cluster status in the WebUI application
(Device > High Availability).
Configuring Security Policy
This section describes how to work with Security Policy in small-scale deployment.
Creating the Security Policy
R80.20 and higher versions supports ordered layers and inline layers for a policy, which is a
set of rules that the gateway enforces on incoming and outgoing traffic. You can build a Rule
Base with layers, each layer with its own set of security rules. Layers are inspected in the order
in which they are defined, which gives control over the Rule Base flow and precedence of
security functionality. If an "Accept" action is done in a layer, inspection continues in the next
layer.
Sub-policies are sets of rules that you attach to specific rules. If the rule is matched, inspection
continues in the sub-policy attached to the rule. If the rule is not matched, the sub-policy is
skipped. For example, a sub-policy can manage a network segment or branch office.
Policy layers and sub-policies can be managed by specific administrators, according to their
permission profiles.

Table of Contents

Other manuals for Check Point QUANTUM SPARK 1570

Preview: Getting Started Guide
Getting Started Guide80 pages

Related product manuals